Permission Denied by Server Configuration Apache Webserver for Adminer

Posted on

This is an article written to inform on how to solve the error triggered which is specified in the title of this article, it is “Permission Denied by Client Configuration”. The error itself is generated in the error log file of Apache Webserver named error.log. The error file normally located in “/var/log/httpd” which is shown in the tree format as follows :

[root@hostname httpd]# tree .
.
├── access.log
└── error.log

0 directories, 2 files
[user@hostname httpd]#

Below is the content of the error which is available in the error.log file as shown below :

[Wed Aug 23 02:40:22.241831 2017] [authz_core:error] [pid 24423] [client xxx.xxx.xxx.xxx:42494] AH01630: client denied by server configuration: /usr/share/adminer

The above error message located in the error.log file actually generated upon accessing adminer which has already been configured before. It can be seen as shown in the article titled ‘Install Adminer on CentOS 7 via Command Line’ which can be visited in this link.

Below is the actual Apache Webserver configuration file for Adminer which is represented in a file named adminer.conf. It is stored in the location which is normally dedicated to place additional Apache Webserver configuration file in ‘/etc/httpd/config.d’ as shown in the following tree format :

[root@localhost conf.d]# tree .
.
├── adminer.conf
├── autoindex.conf
├── php.conf
├── README
├── userdir.conf
└── welcome.conf

0 directories, 6 files
[root@localhost conf.d]#

Below is the content of the file named adminer.conf :

Alias /myadminer "/usr/share/adminer"
<Directory "/usr/share/adminer">
AllowOverride All
Options FollowSymlinks
Order deny,allow
Deny from all
Allow from all
</Directory>

In order to solve the above problem, below are steps taken :

1. Make sure the ownership of the file inside the location specified which is in ‘/usr/share/adminer’  has the right one. In order to be executed by Apache Webserver, it is owned by Apache Webserver user and group, it can be vary depends on the operating system, either httpd, apache or even www-data.

[root@localhost conf.d]# ls -al /usr/share/adminer/
total 328
drwxr-xr-x. 2 apache apache 23 Agu 23 02:36 .
drwxr-xr-x. 79 root root 4096 Agu 23 02:36 ..
-rw-r--r--. 1 apache apache 330757 Agu 23 02:36 index.php
[root@localhost conf.d]#

2. Make sure the file itself has the permission to be executed. It is enough for the file has a read permission.

-rw-r--r--. 1 apache apache 330757 Agu 23 02:36 index.php
  1. Set the security context label and adjust it accordingly to the rules and policy defined if SELinux is activated. It is shown as follows :
[root@localhost conf.d]# ls -lZ /usr/share/adminer/
-rw-r--r--. apache apache unconfined_u:object_r:httpd_sys_content_t:s0 index.php
[root@localhost conf.d]#

4. Change the file configuration file in Apache Webserver specified in the above which is solely defined for adminer in the file named adminer.conf. It is then the problem triggered error ‘Permission Denied by Server Configuration’ will be solved. What is the part of the Server Configuration which is causing the request from client is denied because of the permission ?. It is shown as follow :

Alias /myadminer "/usr/share/adminer"
<Directory "/usr/share/adminer">
AllowOverride All
Options FollowSymlinks
Order deny,allow
Deny from all
Allow from all
Require all granted
</Directory>

The additional line to solve the problem is by inserting ‘Require all granted’ in the above adminer dedicated Apache Webserver’s configuration file.

Leave a Reply